Privacy Policy

Name and address of the controller

PASSAVIA Druckservice GmbH & Co. KG
Medienstr. 5b I 
94036 Passau
Germany
Phone: +49 851 966 180-0
E-Mail: info@passavia.de
Website: www.passavia.de


Name and address of the data protection officer

The data protection officer of the controller is:
AGOR AG
Niddastraße 74
60329 Frankfurt am Main
Germany
Phone: +49 (0) 69 - 9494 32 410
E-mail: info@agor-ag.com
Website: www.agor-ag.com


General information on data processing


Scope of the processing of personal data
We generally collect and use personal data of users of our website only insofar as this is necessary to provide a functional website and our content and services.

As a rule, personal data is collected and used only with the user’s consent. An exception applies in cases where data processing is permitted by statutory provisions or where obtaining prior consent is not possible for factual reasons.

Legal basis for the processing of personal data
The legal bases for the processing of personal data are generally derived from:

  • Art. 6(1)(a) GDPR – where the data subject has given consent

  • Art. 6(1)(b) GDPR – for processing necessary for the performance of a contract or for pre-contractual measures

  • Art. 6(1)(c) GDPR – for processing necessary to comply with a legal obligation

  • Art. 6(1)(d) GDPR – where processing is necessary to protect vital interests

  • Art. 6(1)(f) GDPR – where processing is necessary for the purposes of legitimate interests pursued by the controller or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not override such interests

In order to rely on legitimate interest, an assessment is carried out for each relevant process in coordination with the data protection officer, based on the following criteria:

  1. The controller or a third party has a legitimate interest in the processing.

  2. The processing is necessary to safeguard that legitimate interest.

  3. The interests or fundamental rights and freedoms of the data subject do not override the legitimate interest.

Data deletion and storage period
Personal data will be deleted or restricted as soon as the purpose of storage ceases to apply. Further storage may take place if required by European or national legislation. Data will also be deleted or restricted once statutory retention periods expire, unless further storage is required for the conclusion or performance of a contract.


Use of our website, general information


Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the user’s computer system. This may include:

  • Browser type and version

  • Operating system

  • Internet service provider

  • IP address

  • Date and time of access

  • Referring websites

  • Websites accessed via our website

This data is stored in log files. It is not stored together with other personal data.

Purpose and legal basis for processing
Temporary storage of the IP address is required to deliver the website to the user’s device. The IP address must remain stored for the duration of the session.

Log files are stored to ensure the functionality of the website, to optimize the website, and to ensure the security of our IT systems. No evaluation of this data for marketing purposes takes place.

The legal basis for this processing is Art. 6(1)(f) GDPR.

The collection of personal data for the provision of the website and the storage of data in log files is mandatory for website operation. Therefore, no right to object exists.

Storage duration
Data collected to provide the website is deleted once the respective session has ended.

Log file data is deleted after no more than seven days. Longer storage may occur if IP addresses are anonymized so that identification of the accessing client is no longer possible.

General information on the use of cookies
We use cookies on our website. Cookies are text files that are stored on the user’s device and enable recognition of the browser when the website is accessed again.

Cookies are used to make our website more user-friendly. Some elements of our website require that the browser can be identified even after a page change.

TDDDG:
The legal basis for storing cookies, device identifiers and similar tracking technologies, as well as for storing information on and accessing information from the user’s end device, is the European ePrivacy Directive in conjunction with the German Telecommunications Digital Services Data Protection Act (TDDDG).

Please note that the legal basis for processing personal data collected in this context is derived from the GDPR (Art. 6(1) GDPR). The specific legal basis applicable in each case can be found in the respective cookie settings or processing description.

The primary legal basis for storing information on the user’s end device, in particular cookies, is consent pursuant to § 25(1) TDDDG. Consent is obtained when visiting our website and can be withdrawn at any time via the cookie settings.

Pursuant to § 25(2) No. 2 TDDDG, consent is not required where storage or access is strictly necessary to provide a telemedia service expressly requested by the user. Cookies classified as strictly necessary fall under this exemption.


GDPR – cookies

The following data is stored and transmitted:

  • Randomly generated security code

The legal basis for processing personal data using technically necessary cookies is Art. 6(1)(f) GDPR. These cookies serve to ensure website security and functionality.

No user profiles are created using technically necessary cookies.

Users may restrict or disable cookies via browser settings. Stored cookies can also be deleted. Please note that disabling cookies may limit website functionality.

For cookies used for analysis or advertising purposes, the legal basis is Art. 6(1)(a) GDPR, provided the user has given consent.


Rights of the data subject

Under the GDPR, you have the following rights:

  1. Right of access (Art. 15 GDPR)
    Requests may be sent to: datenschutz@passavia.de

  2. Right to rectification (Art. 16 GDPR)

  3. Right to restriction of processing (Art. 18 GDPR)

  4. Right to erasure (Art. 17 GDPR), subject to statutory exceptions

  5. Right to notification (Art. 19 GDPR)

  6. Right to data portability (Art. 20 GDPR)

  7. Right to withdraw consent (Art. 7(3) GDPR)

  8. Right to object (Art. 21 GDPR)

  9. Automated individual decision-making, including profiling (Art. 22 GDPR)

  10. Right to lodge a complaint with a supervisory authority


Data transfer outside the EU
We primarily work with European service providers. Data processing outside the EU occurs only where the requirements of Arts. 44 et seq. GDPR are met, such as adequacy decisions or standard contractual clauses.


EU-US Trans-Atlantic Data Privacy Framework
Under the Data Privacy Framework (DPF), the European Commission recognized an adequate level of data protection for certain certified US companies on July 10, 2023.The list of certified companies as well as further information on the DPF can be found on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/s/participant-search


Processing under the Swiss Federal Act on Data Protection (FADP)

For users accessing our website from Switzerland, the provisions of the Swiss Federal Act on Data Protection (as of 1 September 2023) apply analogously.

GDPR terminology used herein corresponds in legal meaning to the terminology used under Swiss data protection law.

 

Minors under 16 years of age
Minors under the age of 16 should not transmit personal data without the consent of their parents or legal guardians. We do not knowingly collect or process such data.


Newsletter

General information

Users may subscribe to a free newsletter to receive information about current offers. The following data is collected:

  • Email address

  • Date and time of registration

  • Double opt-in confirmation

The data is used exclusively for newsletter delivery.

Double opt-in and logging
Newsletter registration takes place via a double opt-in procedure. Registration details and IP address are logged to comply with legal requirements.

Legal basis
The legal basis is Art. 6(1)(a) GDPR.

Deletion, revocation and objection
Data is stored for as long as the newsletter subscription is active. Consent can be withdrawn at any time via the unsubscribe link.

Mailing service provider – CleverReach
Provider: CleverReach GmbH & Co. KG, Germany
Data storage: Germany / Ireland

A data processing agreement has been concluded.

You can find more details in CleverReach's privacy policy at: https://www.cleverreach.com/de/datenschutz/.


Electronic contact
When using the contact form, the following data is processed:

  • Company (optional)

  • First name

  • Last name

  • Email address

  • Phone number (optional)

  • Message

Additional data:

  • IP address

  • Date and time of submission

Legal basis: Art. 6(1)(b) GDPR

Data is deleted once the communication has been concluded.


Job applications
Applications may be submitted by email.

Legal basis: Art. 88 GDPR in conjunction with § 26 BDSG

Data is deleted six months after rejection unless statutory retention obligations apply.


Social Media

We maintain presences on various social media platforms. Processing is based on Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR if consent is given.

Facebook
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Data protection declaration: https://www.facebook.com/about/privacy/
Opt-Out: https://www.facebook.com/settings?tab=ads
and http://www.youronlinechoices.com

Instagram
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Data protection declaration/Opt-Out: http://instagram.com/about/legal/privacy/

LinkedIn
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
Data protection declaration: https://www.linkedin.com/legal/privacy-policy
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Xing
XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany
Data protection declaration/ Opt-Out:
https://privacy.xing.com/de/datenschutzerklaerung

Social media presence
We maintain fan pages within various social networks and platforms with the aim of communicating with the customers, interested parties and users active there and informing them about our services.

We would like to point out that your personal data may be processed outside the European Union, which may result in risks for you (e.g. when enforcing your rights under European / German law).

As a rule, user data is processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and the resulting interests of the users. These user profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are generally stored on the user's computer, in which the user's usage behavior and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

The processing of users' personal data is based on our legitimate interests in effective user information and communication with users in accordance with Art. 6 para. 1 sentence 1 lit. f. GDPR. GDPR. If users are asked by the respective providers to consent to data processing (i.e. to give their consent, e.g. by ticking a checkbox or confirming a button), the legal basis for processing is Art. 6 para. 1 sentence 1 lit. a. GDPR.

Further information on the processing of your personal data and your options to object can be found under the links of the respective provider listed below. The assertion of information and other rights of the data subjects can also be made against the providers, then only they have direct access to the data of the users and have the corresponding information. We are of course available to answer any questions you may have and will support you if you need help.

Google Maps
We use the Google Maps service on this website. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently.

When you visit the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in section IV of this declaration is transmitted to Google. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

The legal basis for the use of Google Maps is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f, which consists of providing our users with the most extensive and appealing user experience possible.

Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy